Get certificates signed by a third-party for Splunk Web

This topic provides basic examples for creating the third-party signed certificates necessary to configure Splunk Web for SSL authentication and encryption.

There are multiple ways you can create these certificates, depending upon your organization's policies, your network structure and the tools that you are using. If you have already generated these certificates and key, or if you are experienced with third-party certificates, you may prefer to skip this step and go directly to the configuration topic in this manual at Secure Splunk Web with your own certificate.

Before you begin

In this discussion, $SPLUNK_HOME refers to the Splunk installation directory. On Windows, Splunk software is installed at C:\Program Files\splunk by default. For most Unix platforms, the default installation directory is at /opt/splunk; for Mac OS, it is /Applications/splunk. See the Administration Guide to learn more about working with Windows and *nix.

Create a new private key for Splunk Web

1. Create a new directory to host your own certificates and keys. In this example we will use $SPLUNK_HOME/etc/auth/mycerts.

We recommend that you place your new certificates in a different directory than $SPLUNK_HOME/etc/auth/splunkweb so that you don't overwrite the existing certificates. This ensures that you can use the certificates that ship with Splunk for other Splunk components as necessary.

Try typing the following in your command prompt then run the openssl command again:

set OPENSSL_CONF=c:/Program Files/Splunk/openssl.cnf

2. Use the CSR mySplunkWebCert.csr to request a new signed certificate from your Certificate Authority (CA). The process for requesting a signed certificate varies depending on how your Certificate Authority handles a certificate signature request. Contact your CA for more information.

3. Download the server certificate returned by your Certificate Authority. For this example, let's call it "mySplunkWebCert.pem."

5. Make sure that both the server certificate and the public CA certificate are both in PEM format. If the certificates are not in PEM format, convert them using the openssl command appropriate to your existing file type. Here's an example of a command that you can use for DER formats:

Comments

Hi Xysarah,

My understanding is that we still do not support private key passwords in Splunk Web. I've reached out to our dev team to see if this has been updated in the back end without my knowledge and let you know what I find out. (And update the docs accordingly). Thanks so much for pointing this out!

Cheers,
Jen

Jworthington splunk, Splunker

June 14, 2018

"Splunk Web does not support private key passwords" from this document is conflicted with the web.conf in "https://docs.splunk.com/Documentation/Splunk/7.1.1/Admin/Webconf". The parameter "sslPassword" in web.conf is to protect the private key with password.
So which one is correct? Does Splunk Web does support private key passwords?

Xysarah

June 11, 2018

I believe there's a mistake in section "Create a new private key for Splunk Web", Step 4, Windows:

Enter your email address, and someone from the documentation team will respond to you:

Send me a copy of this feedback

Please provide your comments here. Ask a question or make a suggestion.

Feedback submitted, thanks!

You must be logged into splunk.com in order to post comments.
Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic.
If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk,
consider posting a question to Splunkbase Answers.

0
out of 1000 Characters

Your Comment Has Been Posted Above

We use our own and third-party cookies to provide you with a great online experience. We also use these cookies to improve our products and services, support our marketing campaigns, and advertise to you on our website and other websites. Some cookies may continue to collect information after you have left our website.
Learn more (including how to update your settings) here »